Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8036630

Null ProtectionDomain in JVM can cause NPE because principals field is not initialized to an empty array

    Details

    • Subcomponent:
    • Resolved In Build:
      b08

      Backports

        Description

        Hotspot creates a "null" ProtectionDomain object (basically a PD with a null CodeSource and no permissions) when we do the isAuthorized check. An NPE is thrown if code subsequently calls getPrincipals() on that PD, because hotspot is initializing the principals field to null instead of initializing it with an empty array, like the two public ProtectionDomain constructors do. Right now I can only find a code path affecting debug code, so it is not a critical bug. Attached is a test case, compile and run as:

        java -Djava.security.debug=all Test

        You will see the NPE and stack towards the end of the debug log:

        Exception in thread "main" java.lang.NullPointerException
        at java.security.ProtectionDomain.getPrincipals(ProtectionDomain.java:222)
        at sun.security.provider.PolicyFile.printPD(PolicyFile.java:1774)
        at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1178)
        at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1132)
        at java.security.ProtectionDomain$2.run(ProtectionDomain.java:367)
        at java.security.ProtectionDomain$2.run(ProtectionDomain.java:364)

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  coleenp Coleen Phillimore
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: